Claim Page SSO

Introduction

This document describes the Claim Page SSO - way to login to Claim Page with access token using single sign on.

To enter Claim Page without login it is needed to use URL with following format:

https://<claimPageURL>/<tenant>/login?userGlobalId=<userID>&redirectUrl=<redirectUrl>&sso_token=<ssoToken>

For production enviroment:

https://myclaim.scalepoint.com/<tenant>/login?userGlobalId=<userID>&redirectUrl=<redirectUrl>&sso_token=<ssoToken>

URL Parameters

Parameter name	Description	Example
`<tenant>`	Tenant name	codan, tryg, nemforsiking etc.
`<userID>`	User identifier - please see section below - UserId	11111111-1111-1111-1111-111111111111@tenant.scalepoint.com
`<redirectUrl>`	URL to claim page where user wants to enter	claims/1/overview
`<ssoToken>`	Access token from authorization server - please see section below - SSOToken	aa0a92f77f0cef715d2f634e3b5def9e

How to obtain data

UserId

UserId is a combination of agentId and tenantName in following format: <agentId>@<tenant>.scalepoint.com

11111111-1111-1111-1111-111111111111@tenant.scalepoint.com

It can be obtained on Participants tab in Claim details in CWA. Please check Access to claim page link - contextUserGlobalId is a value that we are searching for.

SSOToken

To receive SSO Token, autorization server need to be used. Please refer to the documentation about details of authentication process.

Request parameters

Parameter name	Description	Example
`scope`	Requested scope	`self-service:sso`
`client_id`	Client identifier	`<tenant>_cp_sso`
`client_secret`	Self-signed X.509 certificate (2048 bit RSA) with private key.
`grant_type`	Client credentials flow	`urn:scalepoint:params:oauth:grant-type:resource-scoped-access`
`target`	URL address that need to be authenticated - URL from first section without ssoToken param	`https://<claimPageURL>/<tenant>/login?userGlobalId=<userID>&redirectUrl=<redirectUrl>`
`client_assertion_type`	JWT Bearer token assertion type	`urn:ietf:params:oauth:client-assertion-type:jwt-bearer`

Response

If request succeeded, the token endpoint will return HTTP status 200 OK and a JSON body similar to this:

{
  "access_token":"aa0a92f77f0cef715d2f634e3b5def9e",
  "expires_in":300,
  "token_type":"Bearer"
}

Information

received access_token can be used as SSO Token
notice that received access_token is 5 minutes long valid

GETTING STARTED

Introduction

INSURANCE COMPANY STORIES

Azure AD federation

Attachments Updated

Fraud Alert

Material Supplier Integration API

Unified Payments

Policy Services

Sandbox migration

Widget implementation

SERVICE PARTNER STORIES

OIOUBL guidelines

Service Partners Integration

Service Providers Events Integration API

Suppliers Integration

API BASICS

Authentication

API ENDPOINTS

Claim Page API

Delete Case API

Digital Inbox API

Events API

File Service API

Expense Integration API

Report Manager API

Service Providers Search API

Settlement API

Order Data REST API

LossData API

Case Integration API

Case Data API

COMPONENTS

Enricher

LEGACY

Legacy Documentation

Claim Page SSO

Introduction

URL Parameters

How to obtain data

UserId

SSOToken

Request parameters

Response

Information